@wraps.dev/cli 2.17.23 → 2.18.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +69 -35
- package/dist/cli.js +7402 -7244
- package/dist/cli.js.map +1 -1
- package/dist/lambda/event-processor/.bundled +1 -1
- package/dist/lambda/inbound-processor/.bundled +1 -1
- package/dist/lambda/sms-event-processor/.bundled +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -416,59 +416,93 @@ The CLI offers four presets that control which AWS resources are created:
|
|
|
416
416
|
### Custom
|
|
417
417
|
Select individual features. Useful if you want event storage without a dedicated IP, or specific event types only.
|
|
418
418
|
|
|
419
|
-
##
|
|
419
|
+
## DNS Configuration
|
|
420
420
|
|
|
421
|
-
During `wraps email init` and `wraps email upgrade`, the CLI
|
|
421
|
+
During `wraps email init`, `wraps email inbound init`, and `wraps email upgrade`, the CLI creates DNS records for email authentication. You choose your DNS provider and the CLI either creates records automatically or shows you exactly what to add manually.
|
|
422
|
+
|
|
423
|
+
### What Records Are Created
|
|
424
|
+
|
|
425
|
+
| Record | Type | Purpose | Required? |
|
|
426
|
+
|--------|------|---------|-----------|
|
|
427
|
+
| DKIM (3 records) | CNAME | Cryptographic signatures proving emails are from your domain | Yes |
|
|
428
|
+
| SPF | TXT | Authorizes Amazon SES to send email on behalf of your domain | Yes |
|
|
429
|
+
| DMARC | TXT | Policy for how receivers handle emails failing DKIM/SPF | Recommended (skip if you have one) |
|
|
430
|
+
| MAIL FROM MX | MX | Routes bounce notifications to SES for proper handling | Recommended for DMARC alignment |
|
|
431
|
+
| MAIL FROM SPF | TXT | Authorizes SES to send from the MAIL FROM subdomain | With MAIL FROM only |
|
|
432
|
+
| Tracking | CNAME | Routes open/click tracking through your domain | Optional |
|
|
433
|
+
|
|
434
|
+
The CLI shows all records before creating them and lets you select which to create. For example, if you already have a DMARC policy, you can deselect the DMARC record.
|
|
422
435
|
|
|
423
436
|
### Supported DNS Providers
|
|
424
437
|
|
|
425
|
-
| Provider |
|
|
426
|
-
|
|
427
|
-
| AWS Route53 |
|
|
428
|
-
|
|
|
429
|
-
|
|
|
438
|
+
| Provider | Authentication | Required Token Scopes |
|
|
439
|
+
|----------|---------------|----------------------|
|
|
440
|
+
| AWS Route53 | Your AWS credentials | `route53:ChangeResourceRecordSets` |
|
|
441
|
+
| Cloudflare | API Token | Zone > DNS > Edit (for your zone) |
|
|
442
|
+
| Vercel DNS | API Token | Full Access, or scoped with DNS access |
|
|
443
|
+
| Manual | — | You add records yourself |
|
|
430
444
|
|
|
431
|
-
###
|
|
445
|
+
### Providing Credentials
|
|
446
|
+
|
|
447
|
+
**Option 1: Environment variables** (recommended for CI/CD and repeat use)
|
|
432
448
|
|
|
433
|
-
**Vercel DNS:**
|
|
434
449
|
```bash
|
|
435
|
-
#
|
|
436
|
-
export
|
|
450
|
+
# Cloudflare
|
|
451
|
+
export CLOUDFLARE_API_TOKEN=your_token
|
|
452
|
+
export CLOUDFLARE_ZONE_ID=your_zone_id # optional, auto-detected from domain
|
|
453
|
+
|
|
454
|
+
# Vercel
|
|
455
|
+
export VERCEL_TOKEN=your_token
|
|
456
|
+
export VERCEL_TEAM_ID=team_xxxxx # optional, for team accounts
|
|
437
457
|
|
|
438
|
-
#
|
|
439
|
-
|
|
458
|
+
# Route53 — uses your existing AWS credentials
|
|
459
|
+
aws configure
|
|
440
460
|
```
|
|
441
461
|
|
|
462
|
+
**Option 2: Interactive prompt**
|
|
463
|
+
|
|
464
|
+
If no environment variable is set, the CLI prompts you to paste your token during setup. The token is used for the current session only and is never stored to disk.
|
|
465
|
+
|
|
466
|
+
### Creating API Tokens
|
|
467
|
+
|
|
442
468
|
**Cloudflare:**
|
|
443
|
-
```bash
|
|
444
|
-
# Create token at: https://dash.cloudflare.com/profile/api-tokens
|
|
445
|
-
# Token needs: Zone.DNS (Edit) permission
|
|
446
|
-
export CLOUDFLARE_API_TOKEN=your_token_here
|
|
447
469
|
|
|
448
|
-
|
|
449
|
-
|
|
450
|
-
|
|
470
|
+
1. Go to https://dash.cloudflare.com/profile/api-tokens
|
|
471
|
+
2. Click **Create Token**
|
|
472
|
+
3. Use the **Edit zone DNS** template
|
|
473
|
+
4. Under Zone Resources, select your domain's zone
|
|
474
|
+
5. Create the token and copy it
|
|
451
475
|
|
|
452
|
-
**
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
457
|
-
|
|
476
|
+
**Vercel:**
|
|
477
|
+
|
|
478
|
+
1. Go to https://vercel.com/account/tokens
|
|
479
|
+
2. Click **Create**
|
|
480
|
+
3. Give it a descriptive name (e.g., "wraps-dns")
|
|
481
|
+
4. Set scope to your team if applicable
|
|
482
|
+
5. Create and copy the token
|
|
458
483
|
|
|
459
484
|
### Manual DNS
|
|
460
485
|
|
|
461
|
-
If you don't
|
|
486
|
+
If you choose "Manual" or don't have a supported DNS provider, the CLI displays all required records grouped by purpose with copy-paste values:
|
|
462
487
|
|
|
463
488
|
```
|
|
464
|
-
|
|
465
|
-
|
|
466
|
-
|
|
467
|
-
|
|
468
|
-
|
|
469
|
-
|
|
470
|
-
|
|
471
|
-
|
|
489
|
+
DKIM (3 CNAMEs)
|
|
490
|
+
Cryptographic signatures proving emails are from your domain
|
|
491
|
+
|
|
492
|
+
CNAME abc123._domainkey.example.com
|
|
493
|
+
→ abc123.dkim.amazonses.com
|
|
494
|
+
|
|
495
|
+
SPF (TXT)
|
|
496
|
+
Authorizes Amazon SES to send email on behalf of your domain
|
|
497
|
+
|
|
498
|
+
TXT example.com
|
|
499
|
+
→ v=spf1 include:amazonses.com ~all
|
|
500
|
+
|
|
501
|
+
DMARC (TXT)
|
|
502
|
+
Policy for how receivers handle emails failing DKIM/SPF checks
|
|
503
|
+
|
|
504
|
+
TXT _dmarc.example.com
|
|
505
|
+
→ v=DMARC1; p=quarantine; rua=mailto:postmaster@example.com
|
|
472
506
|
```
|
|
473
507
|
|
|
474
508
|
## Hosting Provider Integration
|